MORE CONFICKER – CHECK FOR INFECTION

CONFICKER UPDATE:

Symantec’s got a pretty simple (and free) tool specifically for Conficker:
Download this file on an uninfected computer, follow the steps, and you should be okay.

Or.

Doxpara Research has released a ‘scanner’ to check for Conficker infection.

Security expert Dan Kaminsky, working with the Honeynet Project’s Tillmann Werner and Felix Leder, has discovered an easier way to detect if a machine on a network is infected by Conficker.
Dan writes: “What we’ve found is pretty cool: Conficker actually changes what Windows looks like on the network, and this change can be detected remotely, anonymously, and very, very quickly. You can literally ask a server if it’s infected with Conficker, and it will tell you.”

Go here:
http://www.doxpara.com/
download the scanner:
http://www.doxpara.com/scs.zip
Extract to a folder and run it against your workstations and servers:
Open a command window – Start>run>type ‘cmd’

Navigate to the expanded directory and ‘run’ the scanner against each individual computer.
Example:
C:\ yourdesktop \scs\scs>scs.exe 192.168.31.2
[For the admins out there, you can use a host file for a range of IPs]

If you are unsure of how to find your IP address:
Open up a command window – Start>run>type ‘cmd’, then type in “ipconfig /all”
[If you don’t know how to navigate in the DOS window check this out:
http://www.online-tech-tips.com/computer-tips/how-to-use-dos-command-prompt/ ]

Update – Another way to scan:
1. Download and install Python 2.6.1 from www.python.org
2. Download Impacket from oss.coresecurity.com (or maybe pypi.zestsoftware.nl or some other mirror)
3. Download the scanner from iv.cs.uni-bonn.de
4. Unpack Impacket into a folder, then install Impacket from a command line with c:\python26\python setup.py install
5. Run the scanner with the command c:\python26\python scs.py [starting_ip] [ending_ip]

Conficker Protection

The hype and realities of the Conficker Worm.

Yes folks, this is a very dangerous worm. In fact Microsoft is offering a bounty for the capture and prosecution of the author!
But once again its spread is caused by all the usual suspects – un-patched systems, out-of-date antivirus and antispyware software and POOR computing practices. The hype regarding the ‘Conficker’ worm is real, but the risk can be mitigated with a few prudent actions.
Here are all of the tasks that should be done. And when I say all, I mean ALL. Not doing one or two will leave you open to attack.

Disable ‘Autorun’ for XP, 2003, Vista and Win2000.
One of the first things I do on every system I build or manage, for over 14 years, is to disable autorun, and you should too. Microsoft has some simple ‘patches’ and instructions here:
http://support.microsoft.com/kb/953252

Make sure your antivirus is up to date – run a live update DAILY.
Run a full scan NOW and at least once a week.

Make sure your anti-spyware application is up to date – run a live update DAILY.
And run a full scan NOW and at least once a week.

Make sure your Windows is up to date – run Windows Update at least WEEKLY (Tuesdays are the day MS releases updates)
Download and install/run the latest MS Malicious Software Removal tool RIGHT NOW!!!!:
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Use CCleaner http://www.filehippo.com/download_ccleaner/download/86e6a458e780243c3a944b66ec60b319/ to clean out temporary files at least once every day.
I run it EVERY TIME I close my browser!

Never, ever install ‘special viewers/browser helper objects’. By that I mean if a site tells you you have to download/install a plug-in to ‘view/watch’ a particular file – YOU DON’T NEED IT!

And finally make sure you change your passwords regularly, and make sure they are ‘secure’; containing upper and lower case letters, numbers and symbols.

After you have done all of the above, check out Microsoft’s Conficker page for some more great information.
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

If you follow these steps you should be OK.
Remember most ‘hacks’ happen because of user actions – being tricked/suckered into installing the trojan or by users not keeping their protection software and operating system up to date.
Don’t become a statistic.

Good luck and safe computing.
Peace.

Calling demons bunnies

Scary times indeed.

I have been saying this all along and don’t understand how some people get it.
Our current administration is completely out of touch with reality.

Our enemies, particularly radical islam, WANT US DEAD. Period, end of story. And will ruthlessly and patiently work toward that end.
The left believe that they are just ‘misguided or just want to get along too’. You know, “those poor little terrorists are just striving for peace”.

The last line of this article is the scariest, “…….mischaracterizes the nature of the enemy and its abilities.”
Does anybody remember September 11th, the Cole, the Embassy bombings, the London train station, the Spanish train stations, and all of our servicemen who perished at their hands?? David Pearl?
The beheadings on live TV? OR the tens of thousands of ‘infidels’ [read non-muslims or muslims who disagree with radicalism] that are killed every year!?
Helloooo!

It is impossible to reason with unreasonable people! Why can’t the left see that? Oh, wait because they themselves are as unreasonable.
Damn scary, we’ll probably have to have another 9-11 to wake people up again. I pray we don’t.

http://www.foxnews.com/politics/elections/2009/03/25/report-obama-administration-backing-away-global-war-terror/

Enter Bios older Compaq laptops [Armada n700]

After many reboots and LOTS of searching figured out how to get in by clearing bios.
Do a hard restart – power off, remove the battery, then re-insert the battery and plug the power cable back in.
Upon pressing the power-up button, hold Fn+F11 to ‘reset’ the bios.
This will allow you to then enter the bios and make adjustments as necessary.
I just needed to be able to boot from the ‘multi-drive’ to get into my diag cd tools.
Few things are more aggravating than not being able to change boot orders or hdd configs.

Dells are notorious for this too. Their usual method to enter the bios is F2, but it doesn’t always work.
And the response I often get from the Dell support guys when I have problems getting into their bios is, “well I guess you just can’t configure that on the model system”
What kinda crap is that?
Well anyways hope some of this helps.

Windows Media Player 11 on Windows 2003

Windows Media Player 11 on Windows 2003:

Alright, I’ve finally worked out a way how to do this, and as far as I can see from 5 test machines running Windows Server 2003, Standard; Windows Server 2003, Enterprise; Windows Server 2003 R2 Enterprise; Windows Server 2003, Datacenter; Windows Server 2003 x64 Enterprise… it works.

1) Download a Windows Media Player 11 setup file from one of the links here:
http://www.filewatcher.com/m/wmp11-windowsxp-x86-enu.exe.25755448.0.0.html and save to disk.
2) Run the setup file – the first thing you should see is a validation checker. Just leave this up, don’t go any further.
3) Search the hard drive for “wmp11.exe” – it should be in a temporary directory somewhere. Right click the file in the search then click “Open containing folder” (and not open).
4) Open and run the wmfdist11.exe file,
then umdf.exe
and finally wmdbexport.exe.
Be warned, you may need to run these files in Compatibility Mode.
Simply right click each file, click Properties. Go to the Compatibility tab, then ensure that Windows XP is selected.
5) After all these are installed, you must restart (very important.)
6) Once you’ve restarted, run the wmp11.exe file in the same directory – this also may require compatibility settings being applied to it. Restart once more.
7) Back into Windows again, go to Start, Run then type in wmplayer then OK. Configure as you like, and voilà, it’s done.

Hard Drive Size

Hard drive space:
To those of my friends who ask me about this EVERY TIME they get a new system.
“Why is my hard drive capacity not what it says on the box?”
I’ve got to say.
“What in the hell are you looking at this for, or more importantly CARING about this. Man you gotta focus on more important stuff.”

The way hdd space is reported by different hardware and software can be very misleading. For instance, my 1TB Maxtor external hdd reports in Windows 2003 Enterprise Server as 931 GB in Windows Explorer; however, if I right click and check the properties on it, it shows a capacity of 1,000,202,240,000 bytes or in technical terms just over 1 Terabyte.
Here is a really good explanation:
Example:
“I have a 120 GB hard drive but Windows XP claims its size is 111.8 GB. What has happened to the other 8.2 GB?”
Here is the definitive answer:

Hard drive manufacturers calculate hard disk size in ‘base 10’ notation while Windows does the calculation in ‘base 2’ (binary) format.
Both the manufacturer and Windows are giving you the “correct” number.
1 Gigabyte as defined by a manufacturer is 1,000,000,000,000 Bytes. This makes sense in the metric base 10 sense as we define kilo as 1000, mega as 1,000,000 and giga as 1,000,000,000,000.
Windows, however, calculates the disk size in a base 2 system. Base 2 does not convert into base 10 exactly in most cases but back in the day it was close enough so that a kilobyte was defined as 2^10 or 1024.
2^10 is 1024 or 1 kilobyte
2^20 is 1048576 or 1 megabyte
2^30 is 1073741824 or 1 gigabyte

When the hard disk manufacturer sold you a 120 Gig hard drive, they were selling you 120,000,000,000 bytes.
Windows divides this number by what it considers a GB (1073741824) and reports the hard disk size as: 120000000000 (bytes) / 1073741824 (bytes per GB) = 111.8 GB.
This accounts for the ‘missing’ 8.2 GB in the hard disk’s size.
You still have 120,000,000,000 bytes to use but because of inconsistent definitions of what kilo, mega and giga really represent, there is an inconsistency in the measurement of size.

Get it??

Now do the math and you will see what you have.
End of story.
Have fun out there.

Essay by Robert A. Hall

This is an essay by Robert A. Hall. I had to post it because it addresses so much.
I could not have said any of this better.
Very well said sir, Semper Fidelis!
————————-
Why don’t more people say this ……. they’re thinking it!
“I’m Tired” by Robert A. Hall

I’ll be 63 soon. Except for one semester in college when jobs were scarce, and a six-month period when I was between jobs, but job-hunting every day, I’ve worked, hard, since I was 18. Despite some health challenges, I still put in 50-hour weeks, and haven’t called in sick in seven or eight years. I make a good salary, but I didn’t inherit my job or my income, and I worked to get where I am. Given the economy, there’s no retirement in sight, and I’m tired. Very tired..
I’m tired of being told that I have to “spread the wealth around” to people who don’t have my work ethic. I’m tired of being told the government will take the money I earned, by force if necessary, and give it to people too lazy or stupid to earn it.
I’m tired of being told that I have to pay more taxes to “keep people in their homes.” Sure, if they lost their jobs or got sick, I’m willing to help. But if they bought McMansions at three times the price of our paid-off, $250,000 condo, on one-third of my salary, then let the leftwing Congresscritters who passed Fannie and Freddie and the Community Reinvestment Act that created the bubble help them—with their own money.

I’m tired of being told how bad America is by leftwing millionaires like Michael Moore, George Soros and Hollywood entertainers who live in luxury because of the opportunities America offers. In thirty years, if they get their way, the United States will have the religious freedom and women’s rights of Saudi Arabia, the economy of Zimbabwe, the freedom of the press of China, the crime and violence of Mexico, the tolerance for Gay people of Iran, and the freedom of speech of Venezuela. Won’t multiculturalism be beautiful?
I’m tired of being told that Islam is a “Religion of Peace,” when every day I can read dozens of stories of Muslim men killing their sisters, wives and daughters for their family “honor;” of Muslims rioting over some slight offense; of Muslims murdering Christian and Jews because they aren’t “believers;” of Muslims burning schools for girls; of Muslims stoning teenage rape victims to death for “adultery;” of Muslims mutilating the genitals of little girls; all in the name of Allah, because the Qur’an and Shari’a law tells them to.
I believe “a man should be judged by the content of his character, not by the color of his skin.” I’m tired of being told that “race doesn’t matter” in the post-racial world of President Obama, when it’s all that matters in affirmative action jobs, lower college admission and graduation standards for minorities (harming them the most), government contract set-asides, tolerance for the ghetto culture of violence and fatherless children that hurts minorities more than anyone, and in the appointment of US Senators from Illinois. I think it’s very cool that we have a black president and that a black child is doing her homework at the desk where Lincoln wrote the emancipation proclamation. I just wish the black president was Condi Rice, or someone who believes more in freedom and the individual and less in an all-knowing government.
I’m tired of a news media that thinks Bush’s fundraising and inaugural expenses were obscene, but that think Obama’s, at triple the cost, were wonderful. That thinks Bush exercising daily was a waste of presidential time, but Obama exercising is a great example for the public to control weight and stress, that picked over every line of Bush’s military records, but never demanded that Kerry release his, that slammed Palin with two years as governor for being too inexperienced for VP, but touted Obama with three years as senator as potentially the best president ever.
Wonder why people are dropping their subscriptions or switching to Fox News? Get a clue. I didn’t vote for Bush in 2000, but the media and Kerry drove me to his camp in 2004.
I’m tired of being told that out of “tolerance for other cultures” we must let Saudi Arabia use our oil money to fund mosques and madrassa Islamic schools to preach hate in America, while no American group is allowed to fund a church, synagogue or religious school in Saudi Arabia to teach love and tolerance.
I’m tired of being told I must lower my living standard to fight global warming, which no one is allowed to debate. My wife and I live in a two-bedroom apartment and carpool together five miles to our jobs. We also own a three-bedroom condo where our daughter and granddaughter live. Our carbon footprint is about 5% of Al Gore’s, and if you’re greener than Gore, you’re green enough.

I’m tired of being told that drug addicts have a disease, and I must help support and treat them, and pay for the damage they do. Did a giant germ rush out of a dark alley, grab them, and stuff white powder up their noses while they tried to fight it off? I don’t think Gay people choose to be Gay, but I damn sure think druggies chose to take drugs.. And I’m tired of harassment from cool people treating me like a freak when I tell them I never tried marijuana.
I’m tired of illegal aliens being called “undocumented workers,” especially the ones who aren’t working, but are living on welfare or crime. What’s next? Calling drug dealers, “Undocumented Pharmacists”? And, no, I’m not against Hispanics. Most of them are Catholic and it’s been a few hundred years since Catholics wanted to kill me for my religion. I’m willing to fast track for citizenship any Hispanic person who can speak English, doesn’t have a criminal record and who is self-supporting without family on welfare, or who serves honorably for three years in our military. Those are the citizens we need.
I’m tired of latte liberals and journalists, who would never wear the uniform of the Republic themselves, or let their entitlement-handicapped kids near a recruiting station, trashing our military. They and their kids can sit at home, never having to make split-second decisions under life and death circumstances, and bad mouth better people then themselves. Do bad things happen in war? You bet. Do our troops sometimes misbehave? Sure. Does this compare with the atrocities that were the policy of our enemies for the last fifty years—and still are? Not even close. So here’s the deal. I’ll let myself be subjected to all the humiliation and abuse that was heaped on terrorists at Abu Ghraib or Gitmo, and the critics can let themselves be subject to captivity by the Muslims who tortured and beheaded Daniel Pearl in Pakistan, or the Muslims who tortured and murdered Marine Lt. Col. William Higgins in Lebanon, or the Muslims who ran the blood-spattered Al Qaeda torture rooms our troops found in Iraq, or the Muslims who cut off the heads of schoolgirls in Indonesia, because the girls were Christian. Then we’ll compare notes. British and American soldiers are the only troops in history that civilians came to for help and handouts, instead of hiding from in fear.
I’m tired of people telling me that their party has a corner on virtue and the other party has a corner on corruption. Read the papers—bums are bi-partisan. And I’m tired of people telling me we need bi-partisanship. I live in Illinois, where the “Illinois Combine” of Democrats and Republicans has worked together harmoniously to loot the public for years. And I notice that the tax cheats in Obama’s cabinet are bi-partisan as well.
I’m tired of hearing wealthy athletes, entertainers and politicians of both parties talking about innocent mistakes, stupid mistakes or youthful mistakes, when we all know they think their only mistake was getting caught. I’m tired of people with a sense of entitlement, rich or poor.
Speaking of poor, I’m tired of hearing people with air-conditioned homes, color TVs and two cars called poor. The majority of Americans didn’t have that in 1970, but we didn’t know we were “poor.” The poverty pimps have to keep changing the definition of poor to keep the dollars flowing.
I’m real tired of people who don’t take responsibility for their lives and actions. I’m tired of hearing them blame the government, or discrimination, or big-whatever for their problems.
Yes, I’m damn tired. But I’m also glad to be 63. Because, mostly, I’m not going to get to see the world these people are making. I’m just sorry for my granddaughter.

Robert A. Hall is a Marine Vietnam veteran who served five terms in the Massachusetts state senate. He blogs at www.tartanmarine.blogspot.com

Share External Mac Volumes

If you have a mixed environment of PC’s – MS Windows and Macintosh, it can be tough to configure access to shared resources on shared machines.
Sure you might think OSX can do this with the ‘Windows File Sharing’ but you are limited to the ‘home’ folder.
Sharing a Windows folder or drive is actually fairly simple and straight forward.
Here is a great tutorial from Lifehacker on how to mount Windows shared folders in OSX:

http://lifehacker.com/software/mac-os-x/how-to-mount-a-windows-shared-folder-on-your-mac-247148.php

But what about sharing other resources (like external drives) on your Mac with other Macs and PCs?
By that I mean, what happens if one of your Macs used for Graphic Arts or Pre Press has external drives that need to be shared to other Macs and PCs?
I have found VERY few articles that describe this easily and succinctly in over a decade of working with Macs.
So here is what has worked for me:
——————————————
You can share any volumes on the Mac, USB, Firewire and other internal drives etc.

First TURN OFF WINDOWS FILE SHARING in the System Preferences.
I find the first example works best for me most of the time.
Then Go to Applications

Then Utilities and find the Terminal application and open it.

Open Terminal and type;

cd /etc

sudo pico smb.conf

———————————————————-

You’ll be prompted for the password.

Then scroll down to the end of the options and add something like this below:

[BIG EXTERNAL]

comment = BIG EXTERNAL

path = /Volumes/BIG EXTERNAL/

browsable = yes

public = yes

read only = no

Or maybe like this:

[USB]

comment = USB Drive

path = /Volumes/USB Drive name

valid users = joe user

public = no

writable = yes

printable = no

When done making your changes, hit Control-O to write changes to disk (save additions to smb.conf file) and press Return when prompted for a file name. Then hit Control-X to quit pico and close the Terminal window.

Now go to your Windows PCs and try to ‘browse’ the network and find your shares.
——————————————————

To share additional folders, duplicate the section above — but change the name, comment, and path for each new folder.
I have used this and variations of this technique for years with great success.
Hope this helps you get productive.
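
The two share styles above differ in one important way: the first (public = yes with read only = no) lets anyone on the network write to the drive without a login, while the second limits access to named users. Here is a small check for that, added as an example and not part of the original post; the function names parse_shares and audit are this example's own, and the sample config is constructed from the two shares shown above.

```python
import re

# Samba ignores case and whitespace in parameter names, and has synonyms.
SYNONYMS = {"public": "guestok", "browsable": "browseable"}
INVERTED = {"writable", "writeable", "writeok"}   # opposite of "read only"
TRUE = {"yes", "true", "on", "1"}
SPECIAL = {"global", "homes", "printers"}         # not ordinary file shares

# Constructed sample: the two share styles shown in the post.
SAMPLE = """
[BIG EXTERNAL]
comment = BIG EXTERNAL
path = /Volumes/BIG EXTERNAL/
browsable = yes
public = yes
read only = no

[USB]
comment = USB Drive
path = /Volumes/USB Drive name
valid users = joe user
public = no
writable = yes
printable = no
"""


def parse_shares(text):
    """Return {section: {normalised_param: value}} for an smb.conf string."""
    shares, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = shares.setdefault(header.group(1).strip(), {})
            continue
        if current is None or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = re.sub(r"\s+", "", key).lower()
        if key in INVERTED:                      # writable = yes -> read only = no
            key, value = "readonly", ("no" if value.lower() in TRUE else "yes")
        current[SYNONYMS.get(key, key)] = value
    return shares


def audit(text):
    """List (share, finding) pairs for shares that allow guest access."""
    shares = parse_shares(text)
    # [global] values act as defaults for every share.
    defaults = next((v for k, v in shares.items() if k.lower() == "global"), {})
    findings = []
    for name, opts in shares.items():
        if name.lower() in SPECIAL:
            continue

        def setting(key, fallback):
            return opts.get(key, defaults.get(key, fallback)).lower()

        guest = setting("guestok", "no") in TRUE            # Samba default: no
        writable = setting("readonly", "yes") not in TRUE   # Samba default: read only
        if guest and writable:
            findings.append((name, "guest-writable"))
        elif guest:
            findings.append((name, "guest-readable"))
    return findings


if __name__ == "__main__":
    for share, finding in audit(SAMPLE):
        print(f"{share}: {finding}")
```

Whether a guest actually gets in also depends on global settings such as map to guest, so treat a finding as a share to review rather than proof of exposure.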

Ok now what if you need to mount an NTFS volume ‘in’ OS X?
There are a few solutions.
This one is condensed from tips from MacOSXHints:

Snow Leopard has the ability to mount NTFS volumes as read/write, but it’s not enabled by default — just read only is supported, as in 10.5. Here’s how to get full read/write support for NTFS drives in Snow Leopard.
First, uninstall NTFS-3G or Paragon if you’re using either one!

Here’s how to get read/write support for NTFS drives in Snow Leopard:

1. In Terminal, type diskutil info /Volumes/volume_name, where volume_name is the name of the NTFS volume. From the output, copy the Volume UUID value to the clipboard.

2. Back up /etc/fstab if you have it; it shouldn’t be there in a default install.

3. Type sudo nano /etc/fstab.

4. In the editor, type UUID=, then paste the UUID number you copied from the clipboard. Type a Space, then type none ntfs rw. The final line should look like this: UUID=123-456-789 none ntfs rw, where 123-456-789 is the UUID you copied in the first step.

5. Repeat the above steps for any other NTFS drives/partitions you have.

6. Save the file and quit nano (Control-X, Y, Enter), then restart your system.

After rebooting, NTFS partitions should natively have read and write support.
This works with both 32- and 64-bit kernels. Support is quite good and fast, and it even recognizes file attributes such as hidden files.
[There may be good reasons why Apple left support disabled, so use at your own risk!]

Another solution that may be simpler is to use this utility which ‘puts’ a GUI onto the above style tweak.

Anyhow I hope this helps